What is RHSA-2026:6912?

RHSA-2026:6912 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat Quay 3.10.20

Which CVE IDs does RHSA-2026:6912 cover?

RHSA-2026:6912 covers the following CVE IDs: CVE-2026-28498, CVE-2026-30922, CVE-2026-32597, CVE-2026-4599, CVE-2026-4600, CVE-2026-4601, CVE-2026-4602. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2026:6912?

RHSA-2026:6912 has a CVSS v3 base score of 9.1, published by Red Hat Product Security.

RHSA-2026:6912HighCVSS 9.1

Red Hat Security Advisory: Red Hat Quay 3.10.20

Vendor

Red Hat Product Security

Published

April 7, 2026

Last Modified

May 27, 2026

🔗 CVE IDs covered (7)

CVE-2026-28498 · pendingCVE-2026-30922 →CVE-2026-32597 →CVE-2026-4599 · pendingCVE-2026-4600 →CVE-2026-4601 →CVE-2026-4602 · pending

📋 Description

CVE-2026-4599 — jsrsasign: jsrsasign: Private key recovery via incomplete comparison checks biasing DSA nonces CVE-2026-4600 — jsrsasign: jsrsasign: Cryptographic signature forgery via malicious DSA domain parameters CVE-2026-4601 — jsrsasign: jsrsasign: Private Key Recovery via Missing Cryptographic Step in DSA Signing CVE-2026-4602 — jsrsasign: jsrsasign: Signature verification bypass via negative exponent handling CVE-2026-28498 — authlib: Authlib: Authentication bypass via forged OpenID Connect ID Tokens CVE-2026-30922 — pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion CVE-2026-32597 — pyjwt: PyJWT accepts unknown crit header extensions (RFC 7515 §4.1.11 MUST violation)

🔗 CVE IDs covered (7)

📋 Description

🔗 References (10)